Tag: Bulletins

Vulnerability Summary for the Week of April 14, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info apple — macos  A memory corruption issue was addressed with improved bounds checking. This issue is fixed in tvOS 18.4.1, visionOS 2.4.1, iOS iOS 18.4.1 and iPadOS 18.4.1, macOS…

Read more →

Vulnerability Summary for the Week of April 7, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info n/a — n/a   A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected devices contain hardcoded credentials for remote access to the device operating…

Read more →

Vulnerability Summary for the Week of April 7, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info n/a — n/a   A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). Affected devices contain hardcoded credentials for remote access to the device operating…

Read more →

Vulnerability Summary for the Week of March 31, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Aboobacker.–AB Google Map Travel  Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from…

Read more →

Vulnerability Summary for the Week of March 31, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Aboobacker.–AB Google Map Travel  Cross-Site Request Forgery (CSRF) vulnerability in Aboobacker. AB Google Map Travel allows Cross Site Request Forgery. This issue affects AB Google Map Travel : from…

Read more →

Vulnerability Summary for the Week of March 24, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info n/a — n/a   Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the…

Read more →

Vulnerability Summary for the Week of March 17, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Synology–Unified Controller (DSMUC)  Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers…

Read more →

Vulnerability Summary for the Week of March 17, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Synology–Unified Controller (DSMUC)  Off-by-one error vulnerability in the transmission component in Synology Replication Service before 1.0.12-0066, 1.2.2-0353 and 1.3.0-0423 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers…

Read more →

Vulnerability Summary for the Week of March 10, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1E–1E Client  Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on…

Read more →

Vulnerability Summary for the Week of March 10, 2025

High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1E–1E Client  Improper link resolution before file access in the Nomad module of the 1E Client, in versions prior to 25.3, enables an attacker with local unprivileged access on…

Read more →